You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/security/infrastructure.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,12 +12,12 @@ The monitoring infrastructure was developed both in-house, and by vendors as nee
12
12
13
13
Specific requirements are followed by any Polygon Labs employee that is a signer on a corporate multisig contract. Multisig contacts are corporate-owned and control treasury assets or smart contract deployments. They consist of Safes (previously Gnosis Safes) and other smart contract multisig implementations. Hardware wallets are hardware-based cold storage, such as Trezor or Ledger devices that store private keys and enable signing multisig transactions offline. Signer multisig requirement include:
14
14
15
-
- Hardware wallet: Polygon requires cold storage from an accepted vendor dedicated for company official use only and secured by a PIN
16
-
- Hot wallets: Hot wallets are not allowed for use on Polygon multisigs
17
-
- Corporate workstation: Signing must be performed from a company system managed by our enterprise mobile device management (MDM) platform complete with anti-virus (AV) and endpoint detection and device (EDR)
18
-
- Clean key: All signers are required to create a clean key that has never been exposed to a hot wallet
19
-
- Mnemonic storage: Polygon mandates safe storage of mnemonic passphrases and provides guidance to its employees
20
-
- Secure communication: All multisig signing events are coordinated using Polygon’s accepted communication protocols for multisigs
15
+
- Hardware wallet: Polygon requires cold storage from an accepted vendor dedicated for company official use only and secured by a PIN.
16
+
- Hot wallets: Hot wallets are not allowed for use on Polygon multisigs.
17
+
- Corporate workstation: Signing must be performed from a company system managed by our enterprise mobile device management (MDM) platform complete with anti-virus (AV) and endpoint detection and device (EDR).
18
+
- Clean key: All signers are required to create a clean key that has never been exposed to a hot wallet.
19
+
- Mnemonic storage: Polygon mandates safe storage of mnemonic passphrases and provides guidance to its employees.
20
+
- Secure communication: All multisig signing events are coordinated using Polygon’s accepted communication protocols for multisigs.
21
21
22
22
**All corporate multisigs are monitored 24/7 by the Polygon security team.**
0 commit comments